Posted on 10/28/2009 1:00:51 PM PDT by nickcarraway
Virus hunters are raising the alarm for a large-scale spam attack that uses fake Facebook password-reset messages to trick PC users into downloading a dangerous piece of malware.
The malicious executable is linked to the Bredolab botnet, which has been linked to massive spam runs and identity-theft related attacks.
Here’s a sample of the Facebook password-reset messages hitting e-mail inboxes this morning:
According to Websense, the address of the sender is spoofed to display “support@facebook.com,” a trick commonly used to trick targets into believing it’s a legitimate e-mail from the popular social network.
The messages contain a .zip file attachment with an .exe file that connects to two servers to download additional malicious files and joins the Bredolab botnet which means the attackers have full control of the PC, such as steal customer information, send spam emails. One of the servers is in the Netherlands and the other one in Kazakhstan.
Yeah I got this yesterday, and checked with our IT person who confirmed the attachment was a virus.
It was kind of a stupid attempt because I don’t have a Facebook account and I wasn’t the addressee on the email.
Got it and deleted it.
I knew there was a problem when it was sent to one of my alpacas’ email address.
If she has joined Facebook she has some explaining to do.
Good thing you deleted it. Alpacas are especially vulnerable to phishing spoofs.
Who falls for such simplistic attempts?
The email begins with “Hey!” from a multi-million dollar online service?
And then announces they’ve changed the password - out of the blue?
Some folks deserve to get infected.
Thanks for the warning. Scary stuff!
Actually, a lot of Web 2.0 companies use pretty informal communication.
I understand that but the password thing? Really?
That’s analogous to getting a phonecall from someone who claims to have your cat and wants ransom...and you don’t have a cat
So if I just got a Facebook Friends Request from your Alpaca, I should delete it?
Absolutely! She’s a sneaky little devil. Just wants to steal your identity and go shopping on Rodeo Drive...
Whatever you do, don’t “poke” the alpaca.
i got it and ignored it...
LMAO
better check with PETA first......
This email got thru our spam filter twice this morning.
I work for a very large international defense contractor.
I knew it was garbage, I have no facebook or any of that
stuff. I have little confidence in our IT system.
All alpacas long for a Pashmina coat.
I wouldn't blame them. It's an arm's race that the SPAMmers will always win and your friendly IT guys have productive work to do in their "spare" time besides stopping SPAM.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.